Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01 Exécuté par Lescat (administrateur) sur LESCATALAIN (ASUSTeK COMPUTER INC. S551LN) (23-07-2021 18:30:20) Exécuté depuis C:\Users\malen_000\Desktop Profils chargés: Lescat Platform: Windows 10 Home Version 20H2 19042.1055 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_639a3c256c54d65e\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel(R) Software -> Intel Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-930400344-1600436398-98965620-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-930400344-1600436398-98965620-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Windows x64\Print Processors\spe__PC: C:\Windows\System32\spool\prtprocs\x64\spe__pc.dll [41984 2012-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\EPSON XP-215 217 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMBLGE.DLL [179712 2014-12-03] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\WINDOWS\system32\hpinkstsC511LM.dll [333496 2013-08-14] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): C:\WINDOWS\system32\HPDiscoPMC511.dll [762400 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {069E56F4-AF16-4353-B941-2A73ED765400} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {1692651C-AD79-4D11-8EDE-8CFF490F04DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {21374B34-6DC7-4218-A3C7-FF5B31C4F917} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2586E65B-1969-47BB-ABF5-0370E544FED2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {29059514-ABA5-4CB7-8E19-A5DA7731975F} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {2E4EBC94-6595-4299-9066-3970C1CEE657} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2020-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {333831AC-99C8-4A41-9F36-5FD29572D2FE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-23] (Mozilla Corporation -> Mozilla Foundation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {42F2F2E3-F506-40BA-9B07-0E5ADE8700B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) Task: {43F3FA7F-D416-4FA0-AFC1-CDE35E8687CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {471003E1-8273-42AA-B0D9-22161E356F5B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) Task: {50FE440C-878C-4642-B1B1-B659ED24BF19} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [74112 2014-01-03] (ASUSTeK Computer Inc. -> ) Task: {634DFDC2-F7FD-4AA7-99B7-14F5EE25992E} - System32\Tasks\{379D511A-2CAE-4440-ACCD-63DD3269FDBF} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{3761D0A0-6694-41F1-A735-83074F2D2B37}\Setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{3761D0A0-6694-41F1-A735-83074F2D2B37}" Task: {67621FFC-4657-4248-9443-65EB68F5BA97} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [Argument = -check] Task: {67CE13E8-506E-45BB-B278-737B6B198746} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-male.non@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {7E5B8E2A-C262-4A40-BE5C-8912B60326D7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7F373793-B472-44E0-A311-962CAC35E770} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {930430B9-D896-4C3D-A4D1-8E7B729B5D58} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform) Task: {9510E66A-314C-4750-BBF9-0BF6041FD0F8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A0938683-5060-4FD4-B915-E3CCE75792E7} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2020-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {CA86AB05-9F62-4BBF-98AC-034C700EFB35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CC470624-B14B-4824-80B6-7F81A1894A48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CD0DA4D0-A9C3-47F7-BDE8-4E5F8753EEDD} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2020-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D4F7A8E5-3280-487A-8A99-B3C702EE417A} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1038648 2014-01-03] (ASUSTeK Computer Inc. -> ASUS) Task: {EADCC38E-3A1D-4613-B750-FFCE76528857} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EC335FA9-A723-4F78-8289-91D7B04B0379} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) Task: {ECCB41DA-5007-48C1-9EB2-F7B5A3D21F68} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {F19690D0-66BC-4342-A6C3-497A43A9EE3B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {F57B7931-D99C-41DF-AFFB-D599A8497613} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-02] (Microsoft Windows Publisher -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{8e24e978-257f-4aeb-a087-998a716e2997}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{acfe74fa-2369-4b8b-99b5-e7dfe5a9e0eb}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{acfe74fa-2369-4b8b-99b5-e7dfe5a9e0eb}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Edge: ======= Edge Profile: C:\Users\malen_000\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-23] FireFox: ======== FF DefaultProfile: r8v0w6k1.default-1487177101161-1608665979206 FF ProfilePath: C:\Users\malen_000\AppData\Roaming\Mozilla\Firefox\Profiles\r8v0w6k1.default-1487177101161-1608665979206 [2021-07-23] FF Extension: (AdGuard AdBlocker) - C:\Users\malen_000\AppData\Roaming\Mozilla\Firefox\Profiles\r8v0w6k1.default-1487177101161-1608665979206\Extensions\adguardadblocker@adguard.com.xpi [2021-07-05] FF Extension: (Cookie AutoDelete) - C:\Users\malen_000\AppData\Roaming\Mozilla\Firefox\Profiles\r8v0w6k1.default-1487177101161-1608665979206\Extensions\CookieAutoDelete@kennydo.com.xpi [2021-07-05] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\malen_000\AppData\Roaming\Mozilla\Firefox\Profiles\r8v0w6k1.default-1487177101161-1608665979206\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-07-10] FF Extension: (Smart Blocker) - C:\Users\malen_000\AppData\Roaming\Mozilla\Firefox\Profiles\r8v0w6k1.default-1487177101161-1608665979206\Extensions\{38d68dcb-1982-4b81-a6d6-c4e61a3547d4}.xpi [2021-07-05] FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\malen_000\AppData\Roaming\Mozilla\Firefox\Profiles\r8v0w6k1.default-1487177101161-1608665979206\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2021-01-22] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (NoScript) - C:\Users\malen_000\AppData\Roaming\Mozilla\Firefox\Profiles\r8v0w6k1.default-1487177101161-1608665979206\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-23] FF Extension: (Video DownloadHelper) - C:\Users\malen_000\AppData\Roaming\Mozilla\Firefox\Profiles\r8v0w6k1.default-1487177101161-1608665979206\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-02] FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [Fichier non signé] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) S2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Fichier non signé] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_639a3c256c54d65e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_639a3c256c54d65e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [69392 2014-02-13] (ASUSTeK Computer Inc. -> ASUS Corporation) R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2020-12-12] (IVT CORPORATION -> IVT Corporation.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-03] (Microsoft Corporation) [Fichier non signé] R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel(R) Software -> Intel Corporation) S3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel(R) Software -> Intel Corporation) S3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel(R) Software -> Intel Corporation) R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel(R) Software -> Intel Corporation) S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2020-12-12] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> ) R3 m76usb; C:\WINDOWS\System32\drivers\m76usb.sys [563360 2015-06-03] (MEDIATEK INC. -> Ralink Technology Corp.) S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2014-06-10] (Apple Inc.) [Fichier non signé] R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-01-03] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider) S3 ptun0901; C:\WINDOWS\system32\DRIVERS\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tapexpressvpn; C:\WINDOWS\system32\DRIVERS\tapexpressvpn.sys [35696 2018-04-09] (ExprsVPN LLC -> The OpenVPN Project) S3 tapwindscribe0901; C:\WINDOWS\system32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-13] (Windscribe Limited -> The OpenVPN Project) S3 udsstub; C:\WINDOWS\System32\drivers\udsstub.sys [37888 2020-12-12] (SysNucleus -> SysNucleus) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Fichier non signé] S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [199808 2017-10-18] (Oracle Corporation -> Oracle Corporation) S3 VNUSB; C:\WINDOWS\System32\Drivers\VNUSB.sys [22528 2009-09-29] (OLYMPUS IMAGING CORP. -> OLYMPUS IMAGING CORP.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-02] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-02] (Microsoft Windows -> Microsoft Corporation) S3 MpKslb6eee151; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DB610BBE-3FA7-4156-AF6F-E6B34AB7C592}\MpKslDrv.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-07-23 18:30 - 2021-07-23 18:33 - 000025946 _____ C:\Users\malen_000\Desktop\FRST.txt 2021-07-23 18:29 - 2021-07-23 18:29 - 000000000 ____D C:\Users\malen_000\Desktop\Nouveau dossier 2021-07-23 17:35 - 2021-07-23 18:32 - 000000000 ____D C:\FRST 2021-07-23 17:31 - 2021-07-23 17:32 - 002300416 _____ (Farbar) C:\Users\malen_000\Desktop\FRST64.exe 2021-07-23 17:30 - 2021-07-23 17:30 - 000000037 _____ C:\Users\malen_000\Desktop\LienCjointZHPDiag.txt 2021-07-23 17:16 - 2021-07-23 17:16 - 000336837 _____ C:\Users\malen_000\Desktop\ZHPDiag.txt 2021-07-23 16:53 - 2021-07-23 16:53 - 000000914 _____ C:\Users\malen_000\Desktop\ZHPSuite.lnk 2021-07-23 16:53 - 2021-07-23 16:53 - 000000000 ____D C:\Users\malen_000\AppData\Local\ZHP 2021-07-23 15:56 - 2021-07-23 15:56 - 003473048 _____ (Nicolas Coolman) C:\Users\malen_000\Desktop\ZHPSuite.exe 2021-07-23 15:10 - 2021-07-23 15:10 - 000000000 ____D C:\Users\malen_000\AppData\Local\DrDiagnostic 2021-07-23 15:09 - 2021-07-23 15:09 - 004537040 _____ (APC ) C:\Users\malen_000\Downloads\WinCheckup.exe 2021-07-23 15:09 - 2021-07-23 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCheckup 2021-07-23 15:09 - 2021-07-23 15:09 - 000000000 ____D C:\Program Files (x86)\WinCheckup 2021-07-23 15:08 - 2021-07-23 15:08 - 000000000 ____D C:\Users\malen_000\AppData\Local\TeamViewer 2021-07-23 15:05 - 2021-07-23 15:06 - 017465936 _____ (TeamViewer) C:\Users\malen_000\Downloads\TeamViewerQS.exe 2021-07-23 09:40 - 2021-07-23 09:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-07-23 09:28 - 2021-07-23 15:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-07-22 19:19 - 2021-07-22 19:19 - 001154210 _____ C:\Users\malen_000\Downloads\mtd-92-13a7765e600-4008423891768(1).pdf 2021-07-22 19:18 - 2021-07-22 19:18 - 001154210 _____ C:\Users\malen_000\Downloads\mtd-92-13a7765e600-4008423891768.pdf 2021-07-19 11:10 - 2021-07-19 11:10 - 000306812 _____ C:\Users\malen_000\Downloads\Fiche_Masques.pdf 2021-07-18 11:23 - 2021-07-18 11:23 - 000859895 _____ C:\Users\malen_000\Downloads\2-Groupe_de_travail_PREVENTION___THERAPEUTIQUE-1.pdf 2021-07-16 21:17 - 2021-07-16 21:17 - 000324135 _____ C:\Users\malen_000\Downloads\WEB_CGV_CONTRAT_IDEOSOLO_0621.pdf 2021-07-14 23:30 - 2021-07-14 23:30 - 000112587 _____ C:\Users\malen_000\Downloads\MpefvrzgGMy5yth8ma9h_08_af435bd0aa4fe915c2a51ed86819d451_file.pdf 2021-07-14 23:23 - 2021-07-14 23:24 - 006526053 _____ C:\Users\malen_000\Downloads\solidarita-bien_debuter_inscription.pdf 2021-07-14 16:19 - 2021-07-14 16:19 - 000018397 _____ C:\Users\malen_000\Downloads\a3TCE5xPGVMpGhVWtiXE_14_6def81b3755013e9df9b878c72578eeb_file(2).pdf 2021-07-14 16:18 - 2021-07-14 16:18 - 000018397 _____ C:\Users\malen_000\Downloads\a3TCE5xPGVMpGhVWtiXE_14_6def81b3755013e9df9b878c72578eeb_file.pdf 2021-07-14 16:18 - 2021-07-14 16:18 - 000018397 _____ C:\Users\malen_000\Downloads\a3TCE5xPGVMpGhVWtiXE_14_6def81b3755013e9df9b878c72578eeb_file(1).pdf 2021-07-14 09:48 - 2021-07-15 20:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-07-13 22:34 - 2021-07-13 22:34 - 000000812 _____ C:\Users\malen_000\Documents\Images - Raccourci.lnk 2021-07-12 20:18 - 2021-07-12 20:18 - 007464633 _____ C:\Users\malen_000\Downloads\c06973566.pdf 2021-07-10 11:42 - 2021-07-23 14:57 - 000000000 ____D C:\Users\malen_000\Desktop\MX5 2021-07-07 11:49 - 2021-07-07 11:49 - 000029578 _____ C:\Users\malen_000\Downloads\m0o7rPqaSGT3F1rLsGlg_CHF01-Texte-FR.pdf 2021-07-05 16:44 - 2021-07-05 16:44 - 002535554 _____ C:\Users\malen_000\Downloads\CAB180 - -20170621-Reflect Rectangle.pdf 2021-07-05 13:52 - 2021-07-05 13:52 - 005964948 _____ C:\Users\malen_000\Downloads\Eden Rectangulaire coulissante - notice.pdf 2021-07-04 20:56 - 2021-07-04 20:56 - 000190503 _____ C:\Users\malen_000\Downloads\FT_LEDA_CABINE_DOUCHE_KARA.pdf 2021-07-04 20:56 - 2021-07-04 20:56 - 000190503 _____ C:\Users\malen_000\Downloads\FT_LEDA_CABINE_DOUCHE_KARA(1).pdf 2021-07-04 20:25 - 2021-07-04 20:26 - 026872170 _____ C:\Users\malen_000\Downloads\3663602487159_mnl_FR_CFpdf.pdf 2021-07-04 19:38 - 2021-07-06 11:34 - 000000000 ____D C:\Users\malen_000\AppData\Local\molotov 2021-07-04 17:28 - 2021-07-05 19:48 - 000001858 _____ C:\Users\malen_000\Desktop\MX-5.txt 2021-07-04 16:54 - 2021-07-04 16:54 - 000000332 _____ C:\Users\malen_000\Desktop\PrépaAfterC19.txt 2021-07-03 14:40 - 2021-07-03 14:40 - 002535554 _____ C:\Users\malen_000\Desktop\CAB180 - -20170621-Reflect Rectangle(1).pdf 2021-07-02 22:14 - 2021-07-06 11:34 - 000000000 ____D C:\Users\malen_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov 2021-07-02 22:03 - 2021-07-05 21:23 - 000000000 ____D C:\Users\malen_000\AppData\Roaming\molotov 2021-06-29 16:16 - 2021-06-29 17:41 - 000000598 _____ C:\Users\malen_000\Desktop\AntiSangliers.txt 2021-06-26 17:43 - 2021-06-26 17:43 - 018268577 _____ C:\Users\malen_000\Downloads\MALAURY 120x90 cabine intégrale NOTICE.pdf.pdf 2021-06-26 17:43 - 2021-06-26 17:43 - 000281004 _____ C:\Users\malen_000\Downloads\MALAURY 120x90 cabine intégrale SCHEMA TECHNIQUE.pdf.pdf 2021-06-26 17:05 - 2021-06-26 17:05 - 002214453 _____ C:\Users\malen_000\Downloads\SODA.pdf 2021-06-20 22:01 - 2021-06-20 22:01 - 000011453 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-06-20 21:31 - 2021-06-20 21:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-06-20 21:31 - 2021-06-20 21:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-06-03 21:25 - 2021-06-03 21:25 - 000029531 _____ C:\Users\malen_000\Downloads\ReleveIdentiteBancaire.pdf 2021-06-01 16:31 - 2021-06-01 16:31 - 000586659 _____ C:\Users\malen_000\Downloads\Kit_d'Entrée_d'Air_Hygroréglable_Acoustique_-_ISOLA_HY.pdf 2021-06-01 12:07 - 2021-06-01 12:07 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-06-01 12:07 - 2021-06-01 12:07 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-06-01 12:07 - 2021-06-01 12:07 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-06-01 12:07 - 2021-06-01 12:07 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-06-01 12:07 - 2021-06-01 12:07 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-06-01 12:06 - 2021-06-01 12:06 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-06-01 12:06 - 2021-06-01 12:06 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-06-01 12:06 - 2021-06-01 12:06 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-06-01 12:06 - 2021-06-01 12:06 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-06-01 12:05 - 2021-06-01 12:05 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-06-01 12:05 - 2021-06-01 12:05 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-06-01 12:05 - 2021-06-01 12:05 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-06-01 12:05 - 2021-06-01 12:05 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-06-01 12:05 - 2021-06-01 12:05 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-06-01 12:04 - 2021-06-01 12:04 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-05-26 17:54 - 2021-05-26 17:54 - 000130997 _____ C:\Users\malen_000\Downloads\document.pdf 2021-05-25 17:40 - 2021-05-25 17:40 - 000119063 _____ C:\Users\malen_000\Downloads\notice-cerfa-15891-03-requete-en-vue-dune-protection-juridique-dun-majeur-habilitation-familiale-ou-protection-judiciaire.pdf 2021-05-25 17:28 - 2021-06-02 16:18 - 000000434 _____ C:\Users\malen_000\Desktop\DemandeImpots20.txt 2021-05-25 16:26 - 2021-05-25 16:26 - 000638407 _____ C:\Users\malen_000\Downloads\cerfa_15891-03(5).pdf 2021-05-25 13:38 - 2021-05-25 13:38 - 000075502 _____ C:\Users\malen_000\Downloads\Avis_de_taxe_d_habitation_CAP_2020(1).pdf 2021-05-23 19:19 - 2021-05-23 19:20 - 009373684 _____ C:\Users\malen_000\Downloads\projector_manual_8514.pdf 2021-05-21 12:29 - 2021-05-21 12:29 - 000085961 _____ C:\Users\malen_000\Downloads\ticket.pdf 2021-05-16 12:14 - 2021-05-16 12:14 - 000457905 _____ C:\Users\malen_000\Downloads\ButteGrandFormat.pdf 2021-05-15 19:51 - 2021-05-15 19:51 - 000000080 _____ C:\Users\malen_000\Desktop\CouteauBroyeur.txt 2021-05-15 14:46 - 2021-05-15 14:46 - 000281491 _____ C:\Users\malen_000\Downloads\20210512_nouvelle_etape_vers_un_retour_a_la_vie_normale_dans_les_ehpad_usld_et_residences_autonomie-2(1).pdf 2021-05-15 10:34 - 2021-05-15 10:48 - 000000000 ____D C:\Users\malen_000\AppData\Local\Notepad 2021-05-14 15:45 - 2021-05-14 15:45 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-05-14 15:44 - 2021-05-14 15:44 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-05-14 15:43 - 2021-05-14 15:43 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-05-14 15:42 - 2021-05-14 15:42 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-05-14 15:41 - 2021-05-14 15:41 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-05-14 15:41 - 2021-05-14 15:41 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-05-12 20:11 - 2021-05-12 20:11 - 000524206 _____ C:\Users\malen_000\Downloads\Devis_Macif_habitation_M001(1).pdf 2021-05-12 20:10 - 2021-05-12 20:10 - 001346165 _____ C:\Users\malen_000\Downloads\CG_habitation_RP_protectrice_20210401.pdf 2021-05-12 20:10 - 2021-05-12 20:10 - 000524206 _____ C:\Users\malen_000\Downloads\Devis_Macif_habitation_M001.pdf 2021-05-12 20:10 - 2021-05-12 20:10 - 000487973 _____ C:\Users\malen_000\Downloads\DIPA_habitation_principale_et_secondaire_economique.pdf 2021-05-12 19:37 - 2021-05-12 19:37 - 000127567 _____ C:\Users\malen_000\Downloads\swtyBkBRXdNjXSAFduG8v0F3b03NLxxwHA1fYaAZ.pdf 2021-05-12 15:56 - 2021-05-12 15:56 - 001346165 _____ C:\Users\malen_000\Downloads\CG_habitation_RP_protectrice.pdf 2021-05-12 15:56 - 2021-05-12 15:56 - 001346165 _____ C:\Users\malen_000\Downloads\CG_habitation_RP_protectrice(1).pdf 2021-05-12 08:51 - 2021-05-12 09:08 - 000000360 _____ C:\Users\malen_000\Desktop\PrixPiècesMatra.txt 2021-05-10 18:57 - 2021-05-10 18:57 - 000647356 _____ C:\Users\malen_000\Downloads\declaration-cession-cerfa-15776-01(1).pdf 2021-05-10 18:55 - 2021-05-10 18:55 - 000329235 _____ C:\Users\malen_000\Downloads\cerfa_13754-03.pdf 2021-05-06 16:43 - 2021-05-06 16:43 - 000098832 _____ C:\Users\malen_000\Downloads\Enedis_AR_14582199660543_2021-05-06.pdf 2021-05-05 20:32 - 2021-05-07 21:14 - 000000000 ____D C:\Users\malen_000\Desktop\MailsDjet 2021-05-05 10:22 - 2021-05-05 10:22 - 000007001 _____ C:\Users\malen_000\Downloads\PA4H93FGE4-recapitulatif-cni(3).pdf 2021-05-05 10:19 - 2021-05-05 10:19 - 000007001 _____ C:\Users\malen_000\Downloads\PA4H93FGE4-recapitulatif-cni(2).pdf 2021-05-05 10:17 - 2021-05-05 10:17 - 000007001 _____ C:\Users\malen_000\Downloads\PA4H93FGE4-recapitulatif-cni(1).pdf 2021-05-05 10:14 - 2021-05-05 10:14 - 000007001 _____ C:\Users\malen_000\Downloads\PA4H93FGE4-recapitulatif-cni.pdf 2021-05-04 12:13 - 2021-05-04 12:13 - 000006911 _____ C:\Users\malen_000\Downloads\R1NW634CAG-recapitulatif-cni.pdf 2021-05-03 21:08 - 2021-05-03 21:08 - 000638407 _____ C:\Users\malen_000\Downloads\cerfa_15891-03(3).pdf 2021-05-03 21:08 - 2021-05-03 21:08 - 000638407 _____ C:\Users\malen_000\Downloads\cerfa_15891-03(2).pdf 2021-05-03 21:08 - 2021-05-03 21:08 - 000119063 _____ C:\Users\malen_000\Downloads\notice_52257#04(1).pdf 2021-04-24 16:26 - 2021-04-24 16:26 - 000638407 _____ C:\Users\malen_000\Downloads\cerfa_15891-03(1).pdf 2021-04-24 16:15 - 2021-04-24 16:15 - 001245904 _____ (Adobe Inc) C:\Users\malen_000\Downloads\readerdc_fr_xa_crd_install.exe 2021-04-24 16:12 - 2021-04-24 16:12 - 000638407 _____ C:\Users\malen_000\Downloads\cerfa_15891-03.pdf 2021-04-24 16:12 - 2021-04-24 16:12 - 000119063 _____ C:\Users\malen_000\Downloads\notice_52257#04.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-07-23 18:03 - 2020-11-03 20:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-07-23 17:23 - 2016-11-16 12:38 - 000000000 ____D C:\Users\malen_000\AppData\LocalLow\Mozilla 2021-07-23 17:16 - 2019-09-21 21:54 - 000000000 ____D C:\Users\malen_000\AppData\Roaming\ZHP 2021-07-23 16:48 - 2020-03-02 00:05 - 000000000 ____D C:\ProgramData\NVIDIA 2021-07-23 16:48 - 2016-04-01 10:32 - 000000000 ____D C:\Program Files\CCleaner 2021-07-23 16:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-07-23 16:47 - 2019-01-30 09:59 - 000000000 ____D C:\ProgramData\Mozilla 2021-07-23 16:44 - 2020-11-03 21:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-07-23 16:44 - 2020-11-03 20:54 - 000008192 ___SH C:\DumpStack.log.tmp 2021-07-23 16:44 - 2014-09-01 08:57 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-07-23 16:43 - 2020-11-03 21:03 - 000000000 ____D C:\Users\malen_000 2021-07-23 16:43 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-07-23 16:10 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-07-23 15:48 - 2020-11-03 12:36 - 000000000 ___HD C:\$WinREAgent 2021-07-23 15:33 - 2016-04-01 00:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-07-23 15:10 - 2019-10-06 20:20 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-07-23 15:07 - 2018-06-21 16:32 - 000000000 ____D C:\Users\malen_000\AppData\Roaming\TeamViewer 2021-07-23 14:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-07-23 09:40 - 2016-04-05 17:41 - 000001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-07-23 09:26 - 2020-11-27 12:53 - 000000000 ____D C:\Users\malen_000\AppData\Local\CrashDumps 2021-07-22 22:58 - 2021-01-11 10:05 - 000000000 ____D C:\WINDOWS\Minidump 2021-07-22 17:35 - 2014-09-01 12:25 - 000000000 ____D C:\Users\malen_000\AppData\Local\ElevatedDiagnostics 2021-07-22 13:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-07-21 15:00 - 2020-07-05 14:11 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-20 22:43 - 2014-09-17 22:15 - 000000000 ____D C:\Users\malen_000\AppData\Roaming\vlc 2021-07-15 21:43 - 2014-09-04 13:20 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-07-15 21:34 - 2014-09-04 13:19 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-07-15 21:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-07-15 20:27 - 2018-04-02 16:35 - 000001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-07-14 16:56 - 2016-06-16 09:58 - 000000000 ____D C:\Users\malen_000\Desktop\DocsCourants 2021-07-07 23:20 - 2020-07-16 16:17 - 000093760 _____ C:\Users\malen_000\AppData\Local\GDIPFONTCACHEV1.DAT 2021-07-04 19:38 - 2017-08-07 16:35 - 000000000 ____D C:\Users\malen_000\AppData\Local\SquirrelTemp 2021-07-03 18:02 - 2016-04-22 12:55 - 000000000 ____D C:\Users\malen_000\Documents\informatique 2021-07-02 23:29 - 2020-04-25 20:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-07-02 22:25 - 2019-01-23 12:47 - 000000000 ____D C:\Users\malen_000\Documents\MémoireRegistre 2021-07-02 22:23 - 2020-11-03 21:34 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-07-02 08:15 - 2020-11-30 12:54 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b21561b8fd5a 2021-07-02 08:15 - 2020-11-03 21:34 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-01 17:25 - 2016-04-22 12:54 - 000000000 ____D C:\Users\malen_000\Documents\construction 2021-06-26 12:20 - 2020-07-15 11:42 - 000000000 ____D C:\Users\malen_000\Desktop\BroyeurCassé 2021-06-26 12:16 - 2019-11-27 16:11 - 000000000 ____D C:\Users\malen_000\Desktop\SantéBureau ==================== Fichiers à la racine de certains dossiers ======== 2014-09-01 08:57 - 2019-12-14 21:36 - 000000074 _____ () C:\Users\malen_000\AppData\Roaming\sp_data.sys 2017-12-19 15:30 - 2017-12-19 15:30 - 000004608 _____ () C:\Users\malen_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-09-21 21:10 - 2019-09-21 21:10 - 000000000 _____ () C:\Users\malen_000\AppData\Local\oobelibMkey.log 2018-04-17 14:00 - 2018-04-17 14:00 - 000004188 _____ () C:\Users\malen_000\AppData\Local\recently-used.xbel 2014-12-28 12:18 - 2019-01-25 12:38 - 000007604 _____ () C:\Users\malen_000\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2015-12-08 20:09 - 2015-11-08 22:53 - 002880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy(359).dll 2015-06-23 10:35 - 2015-05-21 15:08 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic(361).dll 2015-12-08 20:08 - 2015-10-28 17:49 - 002775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui(362).dll 2015-03-05 10:21 - 2014-10-29 04:44 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32(366).dll 2015-12-09 13:16 - 2015-10-10 19:20 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv(367).dll 2015-01-31 20:46 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll 2015-01-31 20:46 - 2012-11-12 21:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll 2015-01-31 20:46 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll 2015-01-31 20:46 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll 2015-01-31 20:46 - 2012-11-12 21:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll 2015-01-31 20:46 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll 2015-03-05 10:27 - 2014-10-29 03:18 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\IDStore(371).dll 2015-12-08 20:09 - 2015-11-09 00:15 - 002887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(372).dll 2015-11-11 12:25 - 2015-10-15 18:08 - 000990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos(373).dll 2015-03-05 10:19 - 2014-10-29 04:49 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk(375).dll 2015-11-11 12:25 - 2015-10-10 19:33 - 001441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv(376).dll 2015-03-05 10:31 - 2014-10-29 03:26 - 000838656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon(380).dll 2015-03-05 10:23 - 2014-10-29 03:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib(384).dll 2015-11-11 12:25 - 2015-10-10 19:27 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel(385).dll 2015-12-08 20:09 - 2015-11-08 22:41 - 001546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon(387).dll 2015-12-08 20:09 - 2015-11-08 22:53 - 002487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet(388).dll 2015-12-09 13:16 - 2015-10-05 20:25 - 000572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon(389).exe 2015-04-15 11:43 - 2015-03-20 06:10 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64(391).dll 2015-04-15 11:43 - 2015-03-20 06:10 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu(392).dll 2015-03-05 10:27 - 2014-10-29 04:09 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDScDrv.dll 2015-12-08 20:08 - 2015-11-20 18:43 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi(393).dll 2015-08-02 16:05 - 2015-06-27 05:08 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups(394).dll 2020-12-22 17:32 - 2020-12-22 17:35 - 000072192 _____ C:\WINDOWS\cadkasdeinst01e.exe 2013-12-16 16:45 - 2013-12-16 16:45 - 000128536 _____ (IVT Corporation) C:\WINDOWS\SysWOW64\Bs2Res.dll 2014-05-22 17:29 - 2013-08-21 09:16 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll 2015-11-11 12:25 - 2015-08-20 19:48 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32(400).dll 2015-12-08 20:09 - 2015-11-10 02:08 - 002280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil(401).dll 2016-05-27 23:01 - 2006-05-03 20:14 - 000372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll 2013-09-02 14:03 - 2013-09-02 14:03 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll 2015-10-15 18:29 - 2015-08-07 16:13 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase(402).dll 2012-07-20 11:26 - 2012-07-20 11:26 - 000094720 _____ (Ralink) C:\WINDOWS\SysWOW64\legap.dll 2015-03-05 10:19 - 2014-10-29 04:04 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk(403).dll 2016-05-31 12:14 - 1997-02-27 00:00 - 001334032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msvbvm50.dll 2014-05-22 17:59 - 2014-05-22 17:59 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2014-05-22 17:59 - 2014-05-22 17:59 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2016-05-31 12:14 - 1997-01-29 17:53 - 000240640 _____ C:\WINDOWS\SysWOW64\NMOCOD.DLL 2016-05-31 12:14 - 1997-03-04 13:44 - 000066560 _____ (NetManage Inc.) C:\WINDOWS\SysWOW64\NMORENU.DLL 2016-05-31 12:14 - 1997-01-29 17:46 - 000048128 _____ (NetManage Inc.) C:\WINDOWS\SysWOW64\NMSCKN.DLL 2016-05-31 12:14 - 1997-01-29 17:58 - 000462848 _____ (NetManage Inc.) C:\WINDOWS\SysWOW64\NMW3VWN.DLL 2012-07-12 22:32 - 2012-07-12 22:32 - 000144384 _____ (TODO: ) C:\WINDOWS\SysWOW64\RaGATT.dll 2016-05-31 12:14 - 1997-02-27 00:00 - 000094992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb5fr.dll 2016-05-27 23:01 - 2006-05-03 20:13 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.DLL 2015-12-08 20:09 - 2015-11-10 01:17 - 002011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet(408).dll 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE 2013-12-13 06:09 - 2009-07-22 12:04 - 000024576 _____ C:\ProgramData\SetStretch.exe 2021-07-23 17:31 - 2021-07-23 17:32 - 002300416 _____ (Farbar) C:\Users\malen_000\Desktop\FRST64.exe 2021-07-23 15:56 - 2021-07-23 15:56 - 003473048 _____ (Nicolas Coolman) C:\Users\malen_000\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {d7d28fa1-e962-11e7-833b-806e6f6e6963} {d7d28fa2-e962-11e7-833b-806e6f6e6963} timeout 2 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {e9429fe6-1e05-11eb-bd11-c01d96a5edf3} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {d7d28fa1-e962-11e7-833b-806e6f6e6963} description CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {d7d28fa2-e962-11e7-833b-806e6f6e6963} description Network Card Chargeur de d‚marrage Windows ----------------------------- identificateur {3c990529-1e06-11eb-88dd-a22d88759f57} device ramdisk=[\Device\HarddiskVolume8]\Recovery\WindowsRE\Winre.wim,{3c99052a-1e06-11eb-88dd-a22d88759f57} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume8]\Recovery\WindowsRE\Winre.wim,{3c99052a-1e06-11eb-88dd-a22d88759f57} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {4a952407-3d06-41b8-a07e-1ebf7e0f7556} device ramdisk=[C:]\Aomei\AomeiBoot.wim,{f11b3560-5d1e-4b3b-8069-4026d8b7a05b} description Aomei PE osdevice ramdisk=[C:]\Aomei\AomeiBoot.wim,{f11b3560-5d1e-4b3b-8069-4026d8b7a05b} systemroot \Windows detecthal Yes winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {76775c54-e207-11e3-a957-f69a830a1976} device ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions} path \windows\system32\boot\winload.efi description WinPE osdevice ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions} systemroot \windows nx OptIn detecthal Yes winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {3c990529-1e06-11eb-88dd-a22d88759f57} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {e9429fe6-1e05-11eb-bd11-c01d96a5edf3} nx OptIn bootmenupolicy Standard Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {e9429fe6-1e05-11eb-bd11-c01d96a5edf3} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {3c990529-1e06-11eb-88dd-a22d88759f57} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {3c99052a-1e06-11eb-88dd-a22d88759f57} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume8 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Ramdisk options ramdisksdidevice partition=\Device\HarddiskVolume2 ramdisksdipath \boot\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {f11b3560-5d1e-4b3b-8069-4026d8b7a05b} ramdisksdidevice partition=C: ramdisksdipath \Aomei\AomeiBoot.sdi ==================== Fin de FRST.txt ========================